package com.my.demo.gatewayService.auth;

import java.util.Arrays;
import java.util.List;

import org.springframework.beans.factory.annotation.Value;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

import cn.hutool.core.util.ArrayUtil;
import lombok.AllArgsConstructor;

@AllArgsConstructor
@Configuration
public class ResourceServerConfig {

	private final AuthorizationManager authorizationManager;
	private final IgnoreUrlsConfig ignoreUrlsConfig;

	@Bean
	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
		List<String> ignoreUrls = ignoreUrlsConfig.getUrls();
		http.authorizeExchange().pathMatchers(ArrayUtil.toArray(ignoreUrls, String.class)).permitAll()// 白名单配置
				.anyExchange().access(authorizationManager)// 鉴权管理器配置
				.and().exceptionHandling().and().csrf().disable();
		return http.build();
	}
}
